Legal

Privacy Policy

Version: 1.0 · Effective Date: May 12, 2026 · Last Updated: May 12, 2026

Summary. Klaro is an on‑premises AI platform. Your business data, prompts, voice audio, and AI processing run on your own machine. We do not host your content. When you connect third‑party services such as Microsoft 365, Google Workspace, or QuickBooks, Klaro accesses those services through your own authenticated credentials and only to perform the tasks you authorize. The following document explains this in detail.

1. Who we are

Klaro ("Klaro", "we", "us", "our") provides the Klaro autonomous AI C‑Suite platform (the "Service"), distributed primarily as an on‑premises desktop application and accompanying account, billing, and integration infrastructure available at klaroagents.com.

2. Scope of this policy

This Privacy Policy describes how we handle personal information that we collect through:

The marketing website at klaroagents.com;
Account creation, billing, and licensing for the Klaro desktop application;
Customer support and email correspondence;
Klaro‑hosted services that you optionally enable (for example, third‑party transcription or voice services billed by Klaro on your behalf).

It does not describe how third parties you connect to Klaro (e.g., Microsoft, Google, Intuit, OpenAI, Anthropic) handle data on their own platforms. Those providers operate under their own privacy policies, which apply to data within their systems.

3. Information we collect

3.1 Information you provide

Account information — name, work email address, organization name, role.
Billing information — processed by our payment provider; we do not store full payment card numbers.
Communications — content of messages you send to support, sales, or feedback channels.

3.2 Information processed locally on your device

The Klaro application runs on your own machine. The following categories of data are processed locally and, by default, are not transmitted to Klaro:

Documents, files, and Obsidian vault content you make available to your agents;
Prompts, conversations, agent decisions, and agent memory;
Voice audio captured by your microphone for speech‑to‑text;
Meeting transcripts and summaries produced by your local agents;
Credentials, API keys, and OAuth tokens for connected services.

3.3 Information collected automatically

Telemetry (optional). If you enable diagnostic telemetry, we collect aggregated, non‑content metadata such as crash reports, feature usage counts, and performance metrics. Telemetry never includes the content of your documents, prompts, or agent outputs.
Web analytics. The klaroagents.com website collects standard request metadata (IP address, user agent, referrer, page path) for security and traffic analysis. We do not use third‑party advertising trackers.

3.4 Information from third‑party integrations

When you authorize Klaro to connect to a third‑party service — for example, Microsoft 365 (Microsoft Graph, Teams), Google Workspace, or QuickBooks Online — your local Klaro instance receives an access token that allows it to read, write, and act on data within that service as you have authorized. Examples of data accessed include:

Calendar events, meeting metadata, and attendee lists;
Email messages, attachments, and contact information;
Drive / SharePoint / OneDrive files;
Chat messages in Teams, Slack, Google Chat, and other configured channels;
Accounting records such as invoices, customers, and transactions in QuickBooks.

This data is processed locally to perform tasks you direct your agents to carry out. It is not collected or stored by Klaro on our servers in the ordinary course of operation.

4. How we use information

We use the information described above to:

Provide, maintain, and improve the Service;
Authenticate users, manage subscriptions, and process payments;
Respond to support requests and product feedback;
Detect, prevent, and respond to security incidents and abuse;
Comply with legal obligations and enforce our Terms of Service.

5. Third‑party integrations

Klaro lets you connect to third‑party services. These connections use standard OAuth or API‑key authentication. We act as a tool that operates on your behalf within those services. Examples:

Microsoft 365 / Microsoft Graph / Teams — for calendar, mail, files, and meeting participation.
Google Workspace — Gmail, Calendar, Drive, Docs, Sheets.
Intuit QuickBooks Online — accounting operations.
LLM providers — Anthropic, OpenAI, Google Vertex AI, OpenRouter, Chutes, Ollama (local). Prompts may be sent to the provider you have configured. You may opt for fully local models via Ollama for an air‑gapped deployment.
Voice providers — Deepgram, Google, OpenAI Realtime, or local Moonshine + Kokoro, depending on your configuration.
Messaging — Slack, Google Chat, LinkedIn, Signal, Teams.
Telephony — phone relay providers for two‑way voice when configured.

Each provider processes data under its own privacy policy and terms. You are responsible for ensuring your use of those providers complies with the rights and consents you have obtained from your end users and counterparties.

6. Where data is stored

The majority of your operational data — agent memory, RAG indices, transcripts, documents, and credentials — resides on your local machine, typically under ~/.klaro/, in your local Postgres (with pgvector), and in your local Neo4j knowledge graph. Klaro encrypts credentials at rest using AES‑256‑GCM.

Account, billing, and licensing data are stored in our managed cloud systems in the regions where our infrastructure providers operate.

We share personal information only in these limited circumstances:

Service providers who help us operate the business (hosting, payment processing, email delivery, error tracking). These providers are bound by data‑processing agreements.
Third‑party integrations you authorize, only to the extent you direct your agents to send or receive data to/from them.
Legal compliance, when required by law, subpoena, or to protect the rights, safety, or property of Klaro, our users, or the public.
Business transfers in connection with a merger, acquisition, or sale of assets, with notice to affected users.

We do not sell personal information, and we do not use it for cross‑context behavioral advertising.

8. Retention

Account and billing records: retained while your account is active and for the period required by applicable tax and accounting laws.
Support correspondence: retained for up to 24 months.
Local data: retained on your machine until you delete it. Disconnecting an integration removes its stored credentials from Klaro and disables associated agent tools.

9. Security

We use industry‑standard administrative, technical, and physical safeguards, including:

AES‑256‑GCM encryption of credentials at rest;
TLS encryption in transit for all hosted endpoints;
Least‑privilege access controls for engineering and support staff;
Audit logging of agent decisions and approval queues.

No system is completely secure. You are responsible for protecting your local device, your OS user account, and the integrations and API keys you configure.

10. Your rights

Depending on where you live, you may have rights to access, correct, export, or delete personal information we hold about you, and to object to or restrict certain processing. To exercise any of these rights, contact us at privacy@klaroagents.com. For data stored locally on your device, you can exercise these rights directly through the application's settings.

11. Children's privacy

Klaro is intended for business use by adults. We do not knowingly collect personal information from children under 16. If you believe a child has provided us with personal information, contact us and we will delete it.

12. International transfers

If you access the Service from outside the country where our infrastructure operates, your information may be transferred to, stored in, and processed in other jurisdictions with different data protection laws. We use appropriate safeguards, such as standard contractual clauses where required, for such transfers.

13. Changes to this policy

We may update this Privacy Policy from time to time. Material changes will be communicated by email or through the application. The "Last Updated" date at the top of this page reflects the most recent revision.

14. Contact

Questions or requests about this policy may be sent to privacy@klaroagents.com.

This document is provided for transparency. It does not constitute legal advice. For specific compliance questions in your jurisdiction, consult qualified counsel.